Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Create an EEM to find a port (mac address)

Hello there,

I´d like to create a script to find where an IP address is associated.

Manually I can do that using the command "show arp | in 10.10.10.50" (IP that I am looking for), that give me the mac address and then I use the command "show mac ad ad 4055.39dc.f468" (mac associated to that IP).

 

GW01#show arp | in 10.10.10.71
Internet  10.10.10.71             0   4055.39dc.f468  ARPA   Vlan10
GW01#show mac ad ad 4055.39dc.f468
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    4055.39dc.f468    DYNAMIC     Po4
Total Mac Addresses for this criterion: 1

Would be nice if I can execute the EEM informing the IP address (example: findport 10.10.10.50) and get the final result (interface where this IP is associated).

 

How could I do that? How to pass the IP address that I have typed to EEM and after, how to get the MAC address that the first command shown?

 

Thanks for all.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

The error message could be

The error message could be related to: https://tools.cisco.com/bugsearch/bug/CSCsy89677

If that is the case the error message is cosmetic only.

Cisco Employee

The script has been changed

The script has been changed slightly and is shown below.   Put this into a file and on the switch flash drive or local media.

#############
 

foreach ip $::argv {
set result [exec "show arp | inc $ip"]
if [regexp {[a-zA-Z]+\s+\d+\.\d+\.\d+\.\d+\s+\d+\s+([0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+)\s+ARPA} $result match mac ] {
set output [exec "show mac address-table address $mac"]
regexp {(\d+\s+[0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+\s+[A-Z]+\s+[0-9\/a-zA-Z]+)} $output match output
puts "$ip = $output"
} else {
puts "$ip not in arp table"

}}

########

My file is called resolve.tcl and this can be run in exec mode on the switch.

Switch_1#tclsh flash:resolve.tcl 192.168.0.2 192.168.0.1 192.168.0.3
192.168.0.2 = 1    0024.14ac.0f48    DYNAMIC     Fa0/11
192.168.0.1 = 1    0001.6c14.f8c1    DYNAMIC     Fa0/12
192.168.0.3 not in arp table

Switch_1#

 

7 REPLIES
Cisco Employee

If you want to make it

If you want to make it interactive then the tcl shell on the switch is also an option.  A simple script to run the commands for you that can be pasted into the TCL shell.

==============

Switch_1#tclsh
Switch_1(tcl)#proc resolve {args} {
foreach ip $args {
set result [exec "show arp | inc $ip"]
if [regexp {[a-zA-Z]+\s+\d+\.\d+\.\d+\.\d+\s+\d+\s+([0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+)\s+ARPA} $result match mac ] {
set output [exec "show mac address-table address $mac"]
regexp {(\d+\s+[0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+\s+[A-Z]+\s+[0-9\/a-zA-Z]+)} $output match output
puts "$ip = $output"
} else {
puts "$ip not in arp table"
}
}}

==========

Then type resolve and the all the ip addresses you want to map.

Switch_1(tcl)#resolve 192.168.0.125 192.168.0.3 192.168.0.2
192.168.0.125 = 1    7001.6c14.1dc1    DYNAMIC     Fa0/12
192.168.0.3 not in arp table
192.168.0.2 = 1    7024.14ac.0f48    DYNAMIC     Fa0/11

Switch_1(tcl)#

 

Thank you so much Daniel.I

Thank you so much Daniel.

I tried your script but I am getting a error...

SW10(tcl)#proc resolve {args} {
% Ambiguous command:  "proc resolve {args} {"

Regards

 

Cisco Employee

The error message could be

The error message could be related to: https://tools.cisco.com/bugsearch/bug/CSCsy89677

If that is the case the error message is cosmetic only.

New Member

I really like this, but I

I really like this, but I would like to be able to give someone access to do the "resolve" part without giving them access to the tclsh - like an operator instead of an admin.  Is there a way to make it a stored procedure and just call the procedure whenever needed? I want to be able to assign the right to a certain privilege level - like priv 5 or something like that.  

Yes!! I was thinking exactly

Yes!! I was thinking exactly about it.

I am not concerned about privileg levels, but it would be really wonderful if we can just put the script once, and after that use only a command (in this case "resolve").

Cisco Employee

The script has been changed

The script has been changed slightly and is shown below.   Put this into a file and on the switch flash drive or local media.

#############
 

foreach ip $::argv {
set result [exec "show arp | inc $ip"]
if [regexp {[a-zA-Z]+\s+\d+\.\d+\.\d+\.\d+\s+\d+\s+([0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+)\s+ARPA} $result match mac ] {
set output [exec "show mac address-table address $mac"]
regexp {(\d+\s+[0-9a-f]+\.[0-9a-f]+\.[0-9a-f]+\s+[A-Z]+\s+[0-9\/a-zA-Z]+)} $output match output
puts "$ip = $output"
} else {
puts "$ip not in arp table"

}}

########

My file is called resolve.tcl and this can be run in exec mode on the switch.

Switch_1#tclsh flash:resolve.tcl 192.168.0.2 192.168.0.1 192.168.0.3
192.168.0.2 = 1    0024.14ac.0f48    DYNAMIC     Fa0/11
192.168.0.1 = 1    0001.6c14.f8c1    DYNAMIC     Fa0/12
192.168.0.3 not in arp table

Switch_1#

 

Thank you so much Daniel.I

Thank you so much Daniel.
I will share this helpful script on my blog.
I believe that other people will love it too.
Best Regards.

1638
Views
0
Helpful
7
Replies
CreatePlease to create content